Author Topic: avast and filemon  (Read 9985 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re:avast and filemon
« Reply #15 on: October 28, 2004, 12:25:26 AM »
Vlk, I asked Igor:

Is there any way, easy and no so resource consumming, to generate and get this crashdump? Remember, the CPU does not 'crash' really, just the computer become slow and slow...

Igor answered me this

Actually, it's possible to initiate a common blue-screen using keyboard (and get the memory dump during it): http://support.microsoft.com/default.aspx?scid=kb;EN-US;244139
However, I think I should ask Vlk first if this dump would be of any use for him.
The best things in life are free.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11664
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:avast and filemon
« Reply #16 on: October 28, 2004, 01:11:32 AM »
Technical the big dump is unnecessary.
What would help is an ashServ dump. The creation is described here:
http://forum.avast.com/index.php?board=10;action=display;threadid=7925

It's actually not too difficult (can be fun) :)

Cheers
Vlk
If at first you don't succeed, then skydiving's not for you.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re:avast and filemon
« Reply #17 on: October 28, 2004, 02:52:00 AM »
I'll try. Can you say me if I can have the debugger attached all the time without too much resources lost? (I think not)
If not, I'll need to wait for the problem (as I can't simulate it).

I don't know if I'll be able to turn off the Standard Shield provider before attaching the debugger to aswServ.exe because system is very bad at that condition...  :-\
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re:avast and filemon
« Reply #18 on: October 28, 2004, 01:44:20 PM »
Well, indeed I tried to attach the debbuger while Standard Shield were running and I have to turn off the computer  :-\

Vlk, must I test it connected and at the same time without antivirus protection? Strange... Dangerous?!

Other questions to go on:

1. Did I check the 'Noninvasive' option on the 'Attach to the process' window?

2. Should I close the window 'Disassembling' to enter the command line?

3. Can you open a FTP for me? pk tried four or five times this week without success...  :'(

4. What will be the size of the dump file? As much as the RAM? Well, it won't be easy so to send you all of it...

5. I tried last night but I had to wait more than 10 minutes and nothing, no HDD or monitor response, nothing. The dump file has 0 kb (corrupt of corse).
The best things in life are free.